Lucene search

K
nvd[email protected]NVD:CVE-2020-27827
HistoryMar 18, 2021 - 5:15 p.m.

CVE-2020-27827

2021-03-1817:15:13
CWE-400
web.nvd.nist.gov

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.006 Low

EPSS

Percentile

78.3%

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Affected configurations

NVD
Node
lldpd_projectlldpdRange<1.0.8
OR
openvswitchopenvswitchRange2.6.02.6.9
OR
openvswitchopenvswitchRange2.7.02.7.12
OR
openvswitchopenvswitchRange2.8.02.8.10
OR
openvswitchopenvswitchRange2.9.02.9.8
OR
openvswitchopenvswitchRange2.10.02.10.6
OR
openvswitchopenvswitchRange2.11.02.11.5
OR
openvswitchopenvswitchRange2.12.02.12.2
OR
openvswitchopenvswitchRange2.13.02.13.2
OR
openvswitchopenvswitchRange2.14.02.14.1
Node
redhatopenshift_container_platformMatch4.0
OR
redhatopenstackMatch10
OR
redhatopenstackMatch13
OR
redhatvirtualizationMatch4.0
OR
redhatenterprise_linuxMatch7.0
OR
redhatenterprise_linuxMatch8.0
Node
fedoraprojectfedoraMatch33
Node
siemenssimatic_hmi_unified_comfort_panels_firmwareRange<17
AND
siemenssimatic_hmi_unified_comfort_panelsMatch-
Node
siemenssimatic_net_cp_1243-1_firmwareMatch-
AND
siemenssimatic_net_cp_1243-1Match-
Node
siemenssimatic_net_cp_1243-8_irc_firmwareMatch-
AND
siemenssimatic_net_cp_1243-8_ircMatch-
Node
siemenssimatic_net_cp_1542sp-1_firmwareMatch-
AND
siemenssimatic_net_cp_1542sp-1Match-
Node
siemenssimatic_net_cp_1542sp-1_irc_firmwareMatch-
AND
siemenssimatic_net_cp_1542sp-1_ircMatch-
Node
siemenssimatic_net_cp_1543-1_firmwareMatch-
AND
siemenssimatic_net_cp_1543-1Match-
Node
siemenssimatic_net_cp_1543sp-1_firmwareMatch-
AND
siemenssimatic_net_cp_1543sp-1Match-
Node
siemenssimatic_net_cp_1545-1_firmwareMatch-
AND
siemenssimatic_net_cp_1545-1Match-
Node
siemenstim_1531_irc_firmwareRange<2.2
AND
siemenstim_1531_ircMatch-
Node
siemenssinumerik_one_firmwareRange<2.0.1
AND
siemenssinumerik_oneMatch-

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.006 Low

EPSS

Percentile

78.3%